Computer Associates AV?

I tried Norton AV 2006 and it was not really what I liked. After uninstalling it, my computer speeded up immensely. However, I am again without an AV product.
I noticed that not too much is said about CA's EZAntivirus. Is this a good product?

 

It is a pretty fair av. it runs light and updates everyday. give it a trial and see how you like it.

 

Ok, thanks bigc73542!

 

Sorry to bother you guys again, but this question has been bugging me ever since i used Zonealarm Pro. What would be an example of a light but protective firewall?

 

I use Kerio 2.5.1 it is probably the lightest, but it needs to be tweaked a bit. really zone alarm free is a pretty good firewall and it runs fairly light.

 

ca is pretty good.. but if your going to use p2p then your need kaspersky or even norton

 

How is the Kaspersky AV in terms of system slowdown, mem/cpu/basic resource usage and such? Would it be better or worse than Norton? Also, would KAV and Nod32 be ok for something such as Bittorrent?
Sorry for all these questions but I dont know much about security.

**EDIT**
Final question, where can I find Kerio 2.5.1? What kind of settings need to be changed?

Thanks to everyone for the help.

 

You can get Kerio 2.1.5 here: http://download.kerio.com/archive/

 

Kerio can be found here http://www.321download.com/LastFreeware/page7.html#Kerio Personal Firewall

Never used it so can't tell you about the settings.

You don't have to repeat "last question" keep them coming, the community is great in this forum.

Nod32 uses the least system resources amongst the top AV's and has great heuristics.

 

kav is #1 in terms of antivirus

 

take a look here to compare antiviruses http://www.av-comparatives.org/



URL edited to make it work, -===bigc

 

didnt know

 

No problem

 

Returning to the main question, I have tested the new CA Etrust Antivirus 8.0.
It has a fantastic web interface but the same fair OLD engines and much MORE recources. (about 60K !! on my system).

Regards
joter

 

err wait , 60 k are a lot more ressources to you ? or maybe you meant 60 meg or something ?

 

I am not seeing near that amount of usage

 

You can try it one year for free when you are a microsoft customer.

http://www.my-etrust.com/microsoft/

Exclusive offer for Microsoft customers. Free 12-month software subscription to CA's eTrust EZ Antivirus. Valid for new users only. Limit 1 per household. Not to be combined with any other offer. Annual subscriptions can be renewed after first year at current renewal rate. Computer Associates reserves the right to retract this offer at any time.
*ICSA Certification means the software must detect 100% of "in-the-wild" viruses. See www.icsa.net.

 

sorry of course I ment 60 MB ! for version 8.0.

joter

 

imo every bigger company which can afford to pay the participation fee for icsa tests is able to get certified due detecting just the limited list of itw-samples, so i would not base an opinion about a product only on the detection of viruses listd on the wildlist.

 

On the other hand, if an AV repeatedly does really lousy (fails) against wildlist, then I *assume* it would be wise NOT to use that AV. Am I correct in this assumption?

 

i would say: depends
depends e.g. if they got the wildlist samples in advance or not.
sorry, but my opinion about the itw-list is gone bad over the time, i am not much convinced about it lately...

 

Yes, i would second that. Let's speak very frankly - there's NOTHING in the wildlist (maybe except the Kriz Virus because of speed reasons for crypto attacks, but this is a very old virus and detected anyway from everyone) what is even SLIGHTLY difficult to detect. So basically the wildlist test doesn't state how "good" an antivirus engine is, but how good the team behind it is. Lemme explain it a bit more: You have nearly all modules tested there. If you make a mistake then your product fails. On-Demand Scan, On-Access Scan, ItW-Malware, False Positives, Crashs. That's basically all. You have some "beside" tests of poly-malware (which isn't ItW listed), some Macro stuff etc. But you do not need to detect 100% in the other categories to get this Award. ItW Set without f/p and without any problems during on-access scan and on-demand scan are the rules. (Just as a example here)

So the conclusion of this all is:
This reflects more the Diligence and Coordination of the Teams.
This is also very important to create a successful product of course.
I mean it can always happen that you make some small mistake - let it be a false positive or - in the KAV-Clone Szene that you forgot to test the Floppy Access (You have to provide some things for the KAV SDK by yourself, it's not only the gui, so you can have bugs there which haven't to do with KAV)
That's also the reason why some KAV-Clones failing even when KAV gets this award. As i said before, this has NOTHING, ABSOLETLY NOTHING to do with the virus database. Some of the KAV-Clones having also a own scan-engine with a own virus database. If this Engine produces a false positive that's it.

A good QA and regulary tests (not only 5 minits before the VB test starts) is the key to success. And (most important) to have a "eye" for such widely spreaded malware. Most of the fails in the VB tests with misses were not because it missed the main executable ( the worm as it comes into your email inbox ) but because it missed some components. For example a worm is dropping a Backdoor Keylogger DLL. You have to replicate this worm and/or proper analyse it with a disassembler to know that it will drop this file. Some of the files dropping (or downloading) components only under special system environments. An "excuse" oh we didn't know about it doesn't count here.

Conclusion 2: It also reflects how serious/exactly a VirusLab is working. Including just the main worm is "quick and dirty", but including all proper components of this worm/malware is the right way. Because such a component might already run on a customers machine when you issue the update - so if you do not proper replicate then your AV Solution will detect the Worm, but not the dropped (and already running) backdoor keylogger component for example. Gotcha?

8^) H.B.

 

Kapersky is immensely superior to Norton..especially when detecting ad/spyware/trojans. Also quite a bit lighter in resource usage.

Stick with KAV, or NOD32, or Bitdefender.

 

That is just not true. I would definitely recognize KAV as the best in signature detection, over all the other popular AVs, but "immensely superior" is a bit of overstatement, IMHO, in comparison to the latest version of NAV. I have several Gigs of malware samples and both AVs {NAV and KAV} that I have tested ..

 

But "real world" usage...compare the percentage of Mcafee and Symantec rigs that get infected, against the percentage of KAV or NOD32 rigs that get infected. It's a rediculously slanted scale...years in the field have shown me. I see it all the time...all_the_time. That's why I laugh at most "lab controlled" comparison tests. There's a HUGE difference between them, and actual end user environments.